[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CWE
view XML

Wrap-around Error

ID: 128Date: (C)2012-05-14   (M)2022-10-10
Type: weaknessStatus: INCOMPLETE
Abstraction Type: Base





Description

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

Likelihood of Exploit: Medium

Applicable Platforms
Language: Often
Language: C
Language: Often
Language: C++

Time Of Introduction

  • Implementation

Related Attack Patterns

Common Consequences

ScopeTechnical ImpactNotes
Availability
 		DoS: crash / exit / restart
DoS: resource consumption (CPU)
DoS: resource consumption (memory)
DoS: instability
 		This weakness will generally lead to undefined behavior and therefore crashes. In the case of overflows involving loop index variables, the likelihood of infinite loops is also high.
 
Integrity
 		Modify memory
 		If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap around results in other conditions such as buffer overflows, further memory corruption may occur.
 
Confidentiality
Availability
Access_Control
 		Execute unauthorized code or commands
Bypass protection mechanism
 		This weakness can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.
 

Detection Methods
None

Potential Mitigations

PhaseStrategyDescriptionEffectivenessNotes
  Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
 		  
Architecture and Design
 		 Provide clear upper and lower bounds on the scale of any protocols designed.
 		  
Implementation
 		 Place sanity checks on all incremented variables to ensure that they remain within reasonable bounds.
 		  

Relationships
The relationship between overflow and wrap-around needs to be examined more closely, since several entries (including CWE-190) are closely related.

Related CWETypeViewChain
CWE-128 ChildOf CWE-885 Category CWE-888  

Demonstrative Examples   (Details)

  1. The following image processing code allocates a table for images. (Demonstrative Example Id DX-33)

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

TaxynomyIdNameFit
CLASP  Wrap-around error
 		 
CERT C Secure Coding MEM07-C
 		Ensure that the arguments to calloc(), when multiplied, can be represented as a size_t
 		 
CERT C++ Secure Coding MEM07-CPP
 		Ensure that the arguments to calloc(), when multiplied, can be represented as a size_t
 		 

References:

  1. Michael Howard David LeBlanc John Viega .24 Deadly Sins of Software Security. McGraw-Hill. Section:'"Sin 5: Buffer Overruns." Page 89'. Published on 2010.
  2. Mark Dowd John McDonald Justin Schuh .The Art of Software Security Assessment 1st Edition. Addison Wesley. Section:'Chapter 6, "Signed Integer Boundaries", Page 220.'. Published on 2006.

© SecPod Technologies